After Cronos gave me enough trouble between the SQLi and the reverse shell I wanted something I thought would be straightforward. So I went with Blue which if I can bet involves EternalBlue!
Right to it with NMAP:
An older version of SMB, lets poke around.
I really wanted to do this in Python2 to practice my virtual environment skills. So that’s what we will do.
Of course I ran into a bunch of headaches. Something I need to work on. I managed to get a working script going and of course the box crashed. So after a reset, I blasted away and box crashed again.
So I went with Metasploit. More stable here and I was okay doing this because I knew what was vulnerable etc.
This box was very buggy and metasploit failed a few times. Eventually it grabbed and I got both flags.